Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

224 New today
65,462 Total advisories
Live Monitoring

Daily Security Trends (Last 14 Days)

336
Jun 12
60
Jun 13
68
Jun 14
443
Jun 15
630
Jun 16
464
Jun 17
3
Jun 18
352
Jun 19
56
Jun 20
104
Jun 21
317
Jun 22
294
Jun 23
355
Jun 24
175
Jun 25
Critical
High
Medium
Low

Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.8 CVE-2026-57454

Vim: Out-of-bounds Read with Text Properties_CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose ...

vim vim >= 9.2.0320, < 9.2.0679 CVE
MEDIUM 6.5 CVE-2026-57453

Vim: PowerShell Command Injection via Unescaped Filename in zip.vim Extraction_CVE-2026-57453

Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShel...

vim vim >= 9.1.1784, < 9.2.0678 CVE
MEDIUM 5.5 CVE-2026-57452

Vim: Out-of-bounds Read with libsodium-encrypted Files_CVE-2026-57452

Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt~04! or VimCrypt~05! method (x...

vim vim < 9.2.0671 CVE
MEDIUM 5.3 CVE-2026-57451

Vim: Out-of-bounds Read in Text Property Count_CVE-2026-57451

Vim is an open source, command line text editor. Prior to 9.2.0670, get_text_props() in src/textprop.c reads a uint16 property count stored inline ...

vim vim < 9.2.0670 CVE
LOW 2.2 CVE-2026-57438

Nokogiri: Possible Use-After-Free in XInclude Processing_CVE-2026-57438

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XM...

sparklemotion nokogiri < 1.19.4 CVE
MEDIUM 5.7 CVE-2026-55895

Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename_CVE-2026-55895

Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile() in the ...

vim vim < 9.2.0663 CVE
MEDIUM 5.5 CVE-2026-55892

Vim: Out-of-bounds Write in Spell File Prefix Dump_CVE-2026-55892

Vim is an open source, command line text editor. Prior to 9.2.0662, the dump_prefixes() function in src/spell.c walks a spell-file prefix trie iter...

vim vim < 9.2.0662 CVE
MEDIUM 5.7 CVE-2026-55693

Vim: Out-of-bounds Write in Spell File Word Count_CVE-2026-55693

Vim is an open source, command line text editor. Prior to 9.2.0653, the tree_count_words() function in src/spellfile.c fills in the word-count fiel...

vim vim < 9.2.0653 CVE
HIGH 7.2 CVE-2026-55477

Authenticated Arbitrary File Write via Database Import and Xray Log Path Manipulation_CVE-2026-55477

3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functiona...

MHSanaei 3x-ui < 3.3.1 CVE